The Exploit Blog | Penetration Testing & Cybersecurity Insights by Raxis

Discover the Art of Penetration Testing

The Exploit is Raxis’ cybersecurity blog where our penetration testers and red team experts share real-world insights, attack techniques, and strategies to strengthen defenses against evolving threats. We feature expert advice, detailed breakdowns of exploits, and practical guidance to help organizations understand and respond to today’s most pressing security challenges.

Exploits

CVE-2022-35739: PRTG Network Monitor Cascading Style Sheets (CSS) Injection

By Raxis Research Team

Posted in Exploits

This CSS vulnerability, discovered by Raxis’ Matt Mathur, lies in a device’s properties and how they are verified and displayed within PRTG Network Monitor.

Security Recommendations

What to Expect with a Raxis Wireless Penetration Test

By Scottie Cole

Posted in Security Recommendations

Wireless attacks are typically low-risk, high-reward opportunities that don’t often require direct interaction. See more about a wireless penetration test.

In The News

5 Things You Should (and Shouldn’t) Take Away from the Starlink Hack

By Scottie Cole

Posted in In The News

The hack of SpaceX’s Starlink shouldn’t distract security pros from the terrestrial threats that are much more likely and far more common.

Exploits

CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References

By Raxis Research Team

Posted in Exploits

Raxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777).

Exploits

CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)

By Raxis Research Team

Posted in Exploits

Matt Dunn discovers another ManageEngine Cross-Site Scripting vulnerability, this one in the Support Center Plus application.

Search The Exploit

Stay up to date with the latest in penetration testing

Name(Required)

First Last

Email(Required)

Newsletter(Required)

Do you wish to join our newsletter? We send out emails once a month that cover the latest in cybersecurity news. We do not sell your information to other parties.

Yes! Please send me Popped Culture, the Raxis Newsletter.

Cybersecurity Insights From The Frontlines

Discover the Art of Penetration Testing

CVE-2022-35739: PRTG Network Monitor Cascading Style Sheets (CSS) Injection

What to Expect with a Raxis Wireless Penetration Test

5 Things You Should (and Shouldn’t) Take Away from the Starlink Hack

CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References

CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)

Search The Exploit

Stay up to date with the latest in penetration testing

Blog Categories

About Raxis

Resources